Providing cyber resilience in software-defined networks by secure routing means

2021;
: 11-19
https://doi.org/10.23939/ictee2021.01.011
Received: December 01, 2021
1
Kharkiv National University of Radio Electronics
2
Kharkiv National University of Radio Electronics

This paper is devoted to solving the technical task of providing cyber resilience utilizing secure routing means in Software-Defined Networks (SDN). The work analyzes the SDN architecture and
its main components, the concept of cyber resilience and its means, as well as security issues in SDN. Particular attention is paid to the use of secure routing in software-defined networks.
Numerical research of the model of secure multipath routing of fragmented confidential messages in the SDN data plane was conducted. The calculation of the message compromise probability for
different values of links compromise probabilities was performed. The obtained results showed that the model of secure multipath routing of fragmented confidential messages with redundancy
provides a better balancing of message parts by routes. Results of the numerical study proved the adequacy of the selected secure multipath routing model.

  1.   Linkov, I., and Kott, A. (2019), “Fundamental concepts of cyber resilience: Introduction and overview”,Cyber resilience of systems and networks, Springer, Cham, pp. 1–25.
  2.   Galinec, D., and Steingartner, W. (2017), “Combining cybersecurity and cyber defense to achieve cyber resilience”, 2017 IEEE 14th International Scientific Conference on Informatics, IEEE, pp. 87–93.
  3.   Ross, R., Pillitteri, V., Graubart, R., Bodeau, D., and McQuaid, R. (2019), “Developing Cyber Resilient Systems: A Systems Security Engineering Approach” (No. NIST Special Publication (SP) 800–160 Vol. 2 (Draft)), National Institute of Standards and Technology.
  4.   Dickson, F., and Goodwin, P. (2019), “Five Key Technologies for Enabling a Cyber-Resilience Framework”, US45455119, IBM.
  5.   Musman, S. (2016), “Assessing prescriptive improvements to a system’s cyber security and resilience”, 2016 Annual IEEE Systems Conference (SysCon), IEEE, pp. 1–6.
  6.  Stallings, W. (2015), Foundations of modern networking: SDN, NFV, QoE, IoT, and Cloud. Addison-Wesley Professional.
  7.  Rangan, R. K. (2020), “Trends in SD-WAN and SDN”, CSI Transactions on ICT, vol. 8, no. 1, pp. 21–27.
  8.  Stallings, W. (2018), Effective Cybersecurity: A Guide to Using Best Practices and Standards. Addison-Wesley Professional.
  9.  Liu, Y., Zhao, B., Zhao, P., Fan, P., and Liu, H. (2019), “A survey: Typical security issues of software-defined networking”, China Communications, vol. 16, no. 7, pp. 13–31.
  10.  Porras, P., Shin, S., Yegneswaran, V., Fong, M., Tyson, M., and Gu, G. (2012), “A security enforcement kernel for OpenFlow networks”, Proceedings of the first workshop on Hot topics in software defined networks, pp. 121–126.
  11.  Yeremenko, O., Lemeshko, O., and Persikov, A. (2017), “Secure routing in reliable networks: proactive and reactive approach”, Conference on Computer Science and Information Technologies. Springer, Cham, pp. 631–655.
  12. Patil, M. V., and Jadhav, V. (2017), “Secure, reliable and load balanced routing protocols for multihop wireless networks”, 2017 International Conference on Intelligent Computing and Control (I2C2), IEEE, pp. 1–6.
  13.  Li, J., Yang, Z., Yi, X., Hong, T., and Wang, X. (2018), “A Secure Routing Mechanism for Industrial Wireless Networks Based on SDN”, 2018 14th International Conference on Mobile Ad-Hoc and Sensor Networks (MSN), IEEE, pp. 158–164.
  14.  Sagare, A. A., and Khondoker, R. (2018), “Security Analysis of SDN Routing Applications”, SDN and NFV Security, Springer, Cham, pp. 1–17.
  15.  Francois, F., and Gelenbe, E. (2016), “Optimizing secure SDN-enabled inter-data centre overlay networks through cognitive routing”, 2016 IEEE 24th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS), IEEE, pp. 283–288.
  16.  Lemeshko, O., Yeremenko, O., Shapovalova, A., Hailan, A. M., Yevdokymenko, M., and Persikov, M. (2021), “Design and Research of the Model for Secure Traffic Engineering Fast ReRoute under Traffic Policing Approach”, 2021 IEEE 16th International Conference on the Experience of Designing and Application of CAD Systems (CADSM), IEEE, pp. 23–26.
  17. Lou, W., and Kwon, Y. (2006), “H-SPREAD: a hybrid multipath scheme for secure and reliable data collection in wireless sensor networks”, IEEE Transactions on Vehicular Technology, 55(4), рр. 1320–1330.
  18. Yeremenko, O. S., and Ali, A. S. (2015), “Secure multipath routing algorithm with optimal balancing message fragments in MANET”, Radioelectronics and Informatics. 2015. vol. 1, no. 68, pp. 26–29.
  19.  Лемешко О. В., Невзорова О. С., Єременко О. С., Євсєєва О. Ю. (2016), Методичні вказівки до практичних занять з дисципліни “Управління та маршрутизація в ТКС” для студентів денної форми навчання спеціальності 6.050903, Телекомунікації, Харків: ХНУРЕ.
  20.  Duffy, D. G. (2016), Advanced engineering mathematics with MATLAB®, Chapman and Hall/CRC.